Deploying and using DirectAccess requires several prerequisites:
- Being in a replicated Active Directory environment with DFS-R
- Dedicated a server to this role:
- Member of the domain
- The Windows firewall must be activated, it is this one that manages the transition IPv4 <-> IPv6
- Dedicate an Active Directory group for computers that use DirectAccess.
- Customers who are members of the domain:
- Windows 7,8,8.1,10 Enterprise
- Firewall activated
If you want to enable post authentication with a certificate, you need to set up an enterprise CA.
So that users can retrieve the DirectAccess configuration, they must be configured in the enterprise network.